Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] Fwd: Avaaz

SiNA sina.rabbani at
Sun May 6 10:33:39 PDT 2012

DoS and DDoS are relatively cheap to launch and very expensive to defend.
Most fortune 500 entities such as Google  have their own DDoS team in
house, The rest are at the mercy of their ISP to protect (or worst to
not kick them off).

Any publisher online with sensitive material should expect such
attacks that inlcudes projects like Avaaz.
DDoS is all about exhausting ones resources, those resources can be
your bandwidth, money and man power.

Let's assume that Avaaz only has 1 technologist on their team for
cyber defence. In case of a 2-3 days DDoS or DoS that poor guy is
probably going to be up for 2-3 days without any sleep
just to make sure all services are responsive.

So all it takes is a 3 day attack for Avaaz management to start
thinking about hiring more staff and etc...

I also happen to have met some of the Avaaz team, they are good people
trying to do a good job.
In the past 2 years I have met so many "Sharks" in the business of
defending freedom of speech online, Avaaz is definitely not one of


PGP: 0x0B47D56D

On Sun, May 6, 2012 at 3:44 AM, Jacob Appelbaum <jacob at> wrote:
> Hi all,
> ( This is not just for Jillian, I'm just using her mail as a jumping in
> point... )
> On 05/06/2012 12:03 PM, Jillian C. York wrote:
>> Hi Brant,
>> You may not want to share it list-wide, but there is certainly interest in
>> disclosing to trusted members of the security community.  That said, I'm
>> also not a security expert, so I'm hoping that perhaps Hal Roberts or Jake
>> Appelbaum might jump in and say something here.
> Anyone talented can probably perform a denial of service attack for most
> of the sites around without creating any kind of abnormal logging events.
> I'd just like to say that this is the saddest bikeshed I've seen on
> liberationtech yet. I wish that people on this list who want the "proof"
> from Avaaz would make these kinds of demands of the makers of
> proprietary software that claims to be unbreakable and perfectly secure,
> of people who claim that cyberwar/cyberterrorism is a really serious
> problem, and so on. Some do make these claims all around but frankly,
> it's so rare as to be the exception and not the rule.
> Skepticism is great and I'm all for it - but I think this thread is
> beyond being skeptical and has devolved right into cynical noise. I
> think it's aggressive condescending and wrong that a member of the
> community is treated so poorly.
> I'd be happy to vet any evidence that Avaaz has as a "neutral" or
> "whatever" third party.
> All the best,
> Jacob
> _______________________________________________
> liberationtech mailing list
> liberationtech at
> Should you need to change your subscription options, please go to:
> If you would like to receive a daily digest, click "yes" (once you click above) next to "would you like to receive list mail batched in a daily digest?"
> You will need the user name and password you receive from the list moderator in monthly reminders. You may ask for a reminder here:
> Should you need immediate assistance, please contact the list moderator.
> Please don't forget to follow us on!/Liberationtech

More information about the liberationtech mailing list